Fedora 12 and unconfined_u sshdfilter
Dominick Grift
domg472 at gmail.com
Mon Dec 7 20:28:30 UTC 2009
On Mon, Dec 07, 2009 at 12:01:09PM +0000, Moray Henderson (ICT) wrote:
> James Carter wrote:
> >Dan's example used Refpolicy interfaces. Interfaces are very useful and
> >provide a better layer of abstraction, but they are just m4 macros,
> >which have always been used in SELinux policy.
> >
> >Interfaces should be used as much as possible, but it is not true that
> >you can't mix the old and new ways.
>
> Mixing the plain rules and the m4 macros didn't work when I tried it - but perhaps I just wasn’t writing it right. Is there a Refpolicy tutorial anywhere?
I spend a little time today writing about the policy structure in Fedora. Maybe it can help you or others:
http://82.197.205.60/~dgrift/stuff/Managing_a_SELinux_environment_with_Fedora_12.pdf
>
>
> Moray.
> "To err is human. To purr, feline"
>
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20091207/15469d79/attachment.sig>
More information about the fedora-selinux-list
mailing list